package com.dsz.duty.controller;

import java.util.List;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import web.models.CommonResult;
import web.models.Page;
import web.util.LdapUserUtil;
import web.util.RequestUtil;

import com.dsz.duty.dao.IUserDao;
import com.dsz.duty.model.User;

/**
 * 用户 MVC Controller。
 * 
 * @author crjun
 */
@Controller
@RequestMapping("user")
public class UserController {
	@Resource
	private IUserDao userDao;

    @Resource(name = "ldapUserUtil")
    private LdapUserUtil ldapUserUtil;

	public void setUserDao(IUserDao userDao) {
		this.userDao = userDao;
	}

    public void setLdapUserUtil(LdapUserUtil ldapUserUtil) {
        this.ldapUserUtil = ldapUserUtil;
    }

    private String auth(String username, String password) {
    	if (username.trim().equals("admin")) {
    		if (userDao.auth(username, password)) {
        		return "Administrator";
    		}
    		return null;
//    	} else if (username.trim().equals("aa")) {
//    		return "张三";
    	}
    	return ldapUserUtil.authentica(username, password);
    }
    /* 兼容包括有ptr\的名称 */
    private String cl(String username) {
        if (username.contains("ptr\\")) {
            username = username.substring(4, username.length());
        }
        return username;
    }

	@RequestMapping(value = "/login", method = RequestMethod.POST)
	@ResponseBody
	public CommonResult login(@RequestParam String username,
			@RequestParam String password, Model model, HttpServletRequest request) {
		username = cl(username);
		String result = auth(username, password);
		if (null != result && !result.trim().equals("")) {
			User user = null;
			if (!userDao.userExists(username)) {
				user = new User();
				user.setFullName(result);
				user.setRole(0);
				user.setUsername(username);
				userDao.addUser(user);
			} // 此处考虑更新最后的登录时间
			else {
				List<User> users = userDao.getPageUsers("username = '" + username + "'", 1, 1000000);
				user = users.get(0);
			}
            request.getSession().setAttribute("currentUser", user);
			return new CommonResult(new Integer(1));
		} else
			return new CommonResult(new Integer(0));
	}

	@RequestMapping(value = "/loginout", method = RequestMethod.POST)
	@ResponseBody
	public CommonResult loginout(HttpServletRequest request) {
        request.getSession().removeAttribute("currentUser");
		return new CommonResult(new Integer(1));
	}

	@RequestMapping(value = "/setUserRole", method = RequestMethod.POST)
	@ResponseBody
	public CommonResult setUserRole(@RequestParam String userIds,
			@RequestParam int roleType) {
		if (null != userIds && !userIds.trim().equals("")) {
			int[] ids = RequestUtil.convertStrToIntArray(userIds);
			userDao.setUserRoles(ids, roleType);
		}
		return new CommonResult(new Integer(1));
	}

	@RequestMapping(value = "/remove/{userId}", method = RequestMethod.POST)
	@ResponseBody
	public CommonResult removeUser(@PathVariable int userId) {
		userDao.removeUser(userId);
		return new CommonResult(new Integer(1));
	}

	@RequestMapping("/query")
	@ResponseBody
	public Page<User> queryUsers(@RequestParam String roleType,
			@RequestParam int page, @RequestParam int rows) {
		String filter = "";
		if (null != roleType && !roleType.trim().equals("")) {
			filter += "role = " + Integer.parseInt(roleType);
		} 
		List<User> users = userDao.getPageUsers(filter, page, rows);
		int count = userDao.getUsersCount(filter);
		return new Page<User>(count, users);
	}
}
